A. Technical Field
The present invention relates to secure data transmission, and more particularly, to systems, devices, and methods of securing devices that are remotely controlled over a network.
B. Background of the Invention
A rapidly increasing number of communication systems rely on transferring data over networks in order to remotely control devices, such as sensors and actuators that are connected to cloud-based computing architectures. Often large amounts of data is aggregated and transferred to servers or data centers that monitor incoming data and respond accordingly. For example, a distributed network of smoke detectors and temperature sensors may collect temperature data inside a building and transmit the data to a remotely located server that monitors one or more environmental conditions. The remote server continuously analyzes the data, and based on the results takes some action via one or more interfacing actuators, such as adjusting the temperature setting on an air-conditioning system or activating a sprinkler system in case of detecting a fire.
One major concern associated with data communication over networks that facilitate operation of automated equipment with no human interaction or oversight is the exposure to unauthorized or accidental data manipulation. Where data transfer and decision making are practically unsupervised, potential intruders can relatively easily intercept the data stream to carry out attacks on networked devices while remaining entirely undetected. Data interruption or partial data loss can render devices inoperative, as each device typically expects a predetermined sequence of data (e.g., a data protocol) to establish communication and transfer information. Data security is particularly important in certain applications, such as remotely operated medical devices, where a security breach may result in detrimental or even life threatening scenarios. Therefore, steps must be taken to ensure that data is transferred correctly and securely.
While some electronic devices afford limited protection by employing secure microcontrollers that add encryption to data prior to upstream transmission over a digital network, unsecured data at the device level and the microcontroller itself remain vulnerable to attack. Existing approaches leave the communication system still at significant risk of intentional data manipulation by potential intruders that seek out opportunities to interfere with networked devices that transmit or receive data. Data integrity of existing electronic devices is relatively easily compromised as no security measures are applied to the data prior to being secured by the microcontroller. Additionally, devices in which data is converted from digital to analog format or vice versa are oftentimes not equipped to verify the validity of the source of the data to ensure that transmitted data is sufficiently trustworthy to provide a desired level of protection.
What is need are tools to overcome the above-described limitations.